Privacy Policy
Vigorate Digital Solutions Inc. is a "Best Practices" organization; we uphold the highest industry standards in all areas of our business. We are committed to protecting the privacy of all those who interact with us, our clients and their customers, whether online or offline. Based in Canada, the Vigorate Privacy Principles are based on the Canadian Privacy Act, one of the strictest federal privacy legislations in the world. Our policies are also continually updated to ensure compliance with U.S. and EU (European Union) legislation.
How Vigorate Protects Your Privacy
Web Site PrivacyPermission Email Marketing Practices
10 Privacy Principles for Protecting Personal Data
EU Compliance (UK and Europe) for Email Marketers
CAN-SPAM Compliance (US) for Email Marketers
How Vigorate Protects Your Privacy
Protecting your Privacy Means:
- We keep your information in strict confidence and secure it using leading technologies
- Your information is not sold
- You have control over how we obtain and use this information
- You have access to the information we have about you
- We respect your privacy when we market on our behalf or on behalf of others
Your Information is Obtained or Used Only With Your Consent
We obtain your consent before we:
- Collect any personally identifiable information
- Send you information about products and services by means of email
- Obtain, use or disclose to other persons, information about you unless we are obliged to do so by law
- Use your information in any way we didn't tell you about previously.
You Can Withdraw Your Consent After You've Given It
You can withdraw your consent any time after you've given it to us, provided there are no legal requirements to prevent this.
We Ask for Your Consent Before Sharing Information With Other People
We don't share information about you with other organizations, or release it to anyone outside of our company without your consent.
When we are working with marketers or their advertising agencies, we will collect information on their behalf and transfer this information to them. This information will not be aggregated with other information collected outside of the scope of any contracts we have with our clients and will be removed from our servers when requested by our client.
There are some exceptions to the above rules:
- Use of an outside company to process information
At times we may use the expertise of an outside company to do work for us involving some of your information. When we do, we select the company carefully and confirm that it uses security standards comparable to those of Vigorate. - We must disclose information for legal reasons
We may be compelled to release information by a court of law, or other legal or regulatory authority. If so, our policy is to release information only to the extent that we have to.
We are Committed to Keeping your Data Confidential
Only authorized employees have access to your information and are fully trained on how to keep it confidential. Each employee is aware that maintaining confidentiality is a condition of employment with Vigorate.
You Can See and Verify the Accuracy of Your Information
Upon request, we can work with you to check your information to verify, update and correct it. Upon request in writing, you can have any obsolete information removed. Much of this information you can check yourself by using the Update Profile link on our website and in our emails (in some cases you will need to log in or have cookies enabled in your web browser).
We Respond to Your Request Promptly
We'll deal quickly with your request to see your information, and always respond to you within a maximum of 30 days. If we need to extend the time we'll tell you why, subject to any legal restrictions and we'll notify you of the new deadline, the reasons for the extension, and your rights under applicable legislation respecting the extension.
We Monitor Our Compliance With Our Privacy Policies
We have procedures in place to assist our employees in the practice of our privacy policies. We monitor and audit the practice of these policies on a regular basis and report the findings to our CEO.
We Are Committed to Upholding our Privacy Policies
If you have any questions or complaints about our privacy policies, or about how we are living up to them, let us know right away by contacting us at privacy@vigoratedigital.com.
You can also contact our Chief Privacy Officer at the above email or by writing to the CEO or Chief Privacy Officer, Vigorate Digital Solutions Inc., 650 W. Georgia, Suite 780, Vancouver, BC V6B 4N8, Canada.
Resolving Your Concerns Is Important to Us
Vigorate is committed to providing the highest level of service by treating you with the greatest respect and consideration. Our primary concern is resolving any problems that may arise, whatever the circumstances.
Web Site Privacy
Security and Privacy
Vigorate's web site uses security measures to protect against the loss, misuse, and alteration of any information under our control. We store the information in a database in a secure environment at our data/hosting center.
We will not share, sell, or rent individual personal information without explicit permission or unless ordered by a court of law. Information submitted to us is only available to employees managing this information for purposes of contacting you or sending you emails based on your requests for information.
Information Tracked
At times we will use your IP address to help diagnose problems with our server and to administer our web site. We also may track browser types to help us understand our visitors' needs related to our web site design.
There is an optional section of our web site where input forms require your name, company, email address and other information such as preferences. These forms provide the ability to subscribe (opt-in) to receiving future emails from Vigorate. If you opt-in to receiving email communications from us, then we may send information to you on our products or services.
Cookies
Client-side cookies are used to verify the login status of customers using products or services linked directly with our website. Usage of a cookie is in no way linked to any personally identifiable information while on our site. If a user rejects the cookie, they may still use our site; however, the user may not be able to access all areas of our site.
Links to other Websites
Client-side cookies are used to verify the login status of customers using products or services linked directly with our website. Usage of a cookie is in no way linked to any personally identifiable information while on our site. If a user rejects the cookie, they may still use our site; however, the user may not be able to access all areas of our site.
Notification of Changes
When there is a change to our privacy policy that may impact individual rights or the way we handle their information, Vigorate will notify those people who have provided opt-in (permission) to receive email or other communication from us, or who have consented to the collection of information. Any new policy will be posted on our site at least one week prior to taking effect. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner.
Permission Email Marketing Practices
Vigorate is a provider of technology and services for permission-based marketing. This includes electronic mail (email). We oppose SPAM (unsolicited commercial email or "UCE"). We only deliver permission-based (opt-in) email and request that our clients engage in only permission-based marketing practices in areas where they interact with our organization. Our clients must certify that they will only use our technology (software) and services to send emails to customers and prospects that have directly consented to receive email from them. These clients must be able to prove that "opt-in" permission has been acquired. They are forbidden to transmit unsolicited commercial email (spam) via our system.
Client Agreement
Our clients agree not to use our system to send unsolicited email. For any opt-in list of email addresses used in our system, clients agree to provide Vigorate with the source of the email addresses, the method used to capture the data and verification of the consent to receive emails from such individual. We also encourage our clients to respect their customers' time and attention by controlling the frequency of mailings to individual email addresses.
Our clients certify that they will not use rented or purchased lists, email append lists, or any other list that contains email addresses captured in any other method than opt-in. Vigorate retains the right to review client lists and emails to verify that clients are abiding by the privacy and permission policies set forth herein. However, our clients are ultimately responsible for compliance with our policies.
Vigorate reserves the right to cancel transmission of emails or campaigns if found to contradict spam, permission or privacy laws, or if any response(s) may indicate a possible breach of these laws.
How do we protect your privacy?
We use strict security measures to protect against the loss, misuse and alteration of data used by our system. Please review our Privacy Statement or Privacy Policy for more details.
Why did you receive an email from our system?
If you received an email from us, it is because one of our clients used the Vigorate servers and/or technology (software) to send you an email. Our clients certify that all email addresses used in our system are opt-in names that have given permission to the client to send them email. We promise to keep your email address secure and private and will not use it for other purposes. If you have received an email in error, please forward a copy of the message to us at abuse@vigoratedigital.com.
How do I get off an email list?
Each email sent through the Vigorate system contains a link that allows subscribers to unsubscribe from receiving emails from the sender. Each email sent contains an easy and automated way for you to unsubscribe. You may also change your expressed interests at any time by using the Update Profile link found in many emails or on the sites of the sender. If you wish to unsubscribe or change your interests, simply follow the instructions at the bottom of any email. If you have received an unwanted email sent by the Vigorate system, please forward a copy of the email with your comments to abuse@vigoratedigital.com.
Will your information ever be shared, sold or rented?
We will not share, sell, or rent individual personal information without your advance permission, unless ordered by a court of law. Information submitted to us is only available to employees responsible for managing this data, including our clients.
Confirmed Opt-In
Vigorate has taken an additional step for permission-based marketing by building the technology to offer double opt-in collection. When this is used, any time someone adds their email address in the registration or subscription process they will be sent an email asking them to verify that they wish to receive communications via email. Only those responding affirmatively to the confirmation will be opted in for future mailings.
If you have any questions about the Vigorate Anti-Spam policy, please contact us at privacy@vigoratedigital.com.
10 Privacy Principles for Protecting Personal Data
Vigorate has based its core privacy policy on the 10 "privacy principles" of the Canadian Privacy Act (PIPEDA). These same principles are at the core of the European Union Privacy and Electronic Communications Directive and UK Data Protection Act.
These principles are as follows:
- Accountability:
an organization is responsible for personal information under its control and must designate an individual or individuals who are responsible for the organization's compliance with the ten principles set out in the legislation; - Identifying the purpose:
the organization must identify the purposes for which the information is collected at or before the time the information is collected. If the purpose changes, the organization must identify the change in purpose; - Consent:
the individual concerned must give his or her consent to the collection, use or disclosure of personal information, except where to do so would be inappropriate; - Limiting collection:
personal information can be collected only to the extent that it is necessary for the purpose identified by the organization. The information must be collected using fair and lawful means; - Limiting use, disclosure and retention:
personal information can only be used for the purpose it was collected, except with the consent of the individual or as required by law. The information should be retained only as long it is required to fulfill the specified purpose; - Accuracy:
personal information must be accurate, complete and up-to-date; - Safeguards:
personal information must be protected by security safeguards appropriate to the sensitivity of the information; - Openness:
an organization should make specific information about its policies and practices relating to the management of personal information available to individuals; - Individual access:
upon request, an individual shall be informed of the existence, use and disclosure of personal information and shall be given access to the information. The individual can challenge the accuracy and completeness of the information and have it amended as appropriate; and - Challenging compliance:
an individual can challenge the organization's alleged compliance with the above principles and hold the designated person accountable for the organization's compliance.
For more information on Canada's Privacy legislation, please visit the site of the Privacy Commissioner of Canada at http://www.privcom.gc.ca/index_e.asp
EU Compliance ( UK and Europe) for Email Marketers
Vigorate has further based its core privacy policy on EU Compliance requirements for email marketers. Marketers communicating with customers in the UK or Europe via email, SMS or fax must adhere to the following guidelines:
- The recipients have provided opt-in consent.
- There is an exception for a company's customers, where the person's email address was obtained as the result of a sale, but they must be offered an option to withdraw consent.
- All email must come from a valid sender whose identity is not concealed or is in any way misleading.
- All email communications must include a valid opt-out mechanism, not just an email address.
For further information, the Direct Marketing Association (UK) provides an overview of the act here: http://www.dma.org.uk/content/what-we-do-you
You may also refer to the Information Commissioner's website here for specific information on combating spam: http://www.ico.gov.uk
CAN-SPAM Compliance (US) for Email Marketers
Vigorate further ensures that it complies with CAN-SPAM in the US and Canada. While marketers are able to send commercial email on an 'opt-out' basis, in efforts to reduce spam, the CAN-SPAM legislation requires marketers provide additional proof of identity of sender, and emphasizes a need for centralized subscription management. The main points for compliance are as follows:
- Ensure message header information provides a proper from address and is not falsified. If you are working with an email service provider, they will handle this for you, as well as most allow for you to have your company name and email address as the 'from' address.
- Subject lines must relate to the message and not be misleading.
- Allow for unsubscribe requests to be received and processed via the message reply address.
- Process your unsubscribe requests within ten days or less.
- Maintain a centrally managed unsubscribe list. If an unsubscribe request is received by your sales department, it is considered an unsubscribe request for all mail from your company. This is an opportunity to upgrade your subscription management processes, and ensure your sales communications and CRM systems are tied into your email marketing programs.
- Identify commercial messages as commercial in nature. Some companies took this to mean they required a subject line prefix, such as ADV, but the current legislation merely requires that somewhere in the message it is identified as a commercial solicitation.
- List your company's physical address within the email, which may not be a PO Box.
MarketingProfs.com provides an excellent article summarizing the CAN-SPAM legislation and the points of law still requiring more clarification: http://www.marketingprofs.com/4/squillante3.asp